Berichten gepost door Visvanath Ratnaweera

Moodle in English -> Authentication -> [auth_saml2] Adding SAML2 Single sign on where the same e-mails already registered otherwise -> [auth_saml2] Adding SAML2 Single sign on where the same e-mails already registered otherwise

door Visvanath Ratnaweera -
Foto van Particularly helpful Moodlers Foto van Translators
Thanks! I too was ready for a major reorganization of privileged users. But the first person who tested finally is a site-admin and he wrote, "Yes. It's working now and my admin role still active, same profile." Very good news.

The reason is clear: People have used their official username and e-mail from the beginning (in their manual accounts). So I only need to flip the 'auth" from "manual" or "emailadm" to "saml2", the same profile seamlessly transits to future! There could be a few, who didn't play, they'll need their usernames changed too. I don't see very many.
Gemiddelde van de beoordelingen:  -

Moodle in English -> Authentication -> [auth_saml2] Adding SAML2 Single sign on where the same e-mails already registered otherwise -> [auth_saml2] Adding SAML2 Single sign on where the same e-mails already registered otherwise

door Visvanath Ratnaweera -
Foto van Particularly helpful Moodlers Foto van Translators
Nothing to apologize, this is information the Federation should have provided!

> Mapping IdP: "mail"

It was at "uid", which is the default. Changed to "mail".

> Mapping Moodle: "Email address"
> ..
> also have "Data mapping (Email address)" set to "mail"
 
Those two were correct.
 
Now it ends with "You have logged in successfully as 'USERNAME@DOMAIN' but are not authorized to access Moodle."
 
Debugging shows:
  • line 398 of /auth/saml2/classes/auth.php: call to moodle_page->set_title()
  • line 824 of /auth/saml2/classes/auth.php: call to auth_saml2\auth->error_page()
  • line 1231 of /auth/saml2/vendor/simplesamlphp/simplesamlphp/modules/saml/src/Auth/Source/SP.php: call to auth_saml2\auth->saml_login_complete()
  • line 1273 of /auth/saml2/vendor/simplesamlphp/simplesamlphp/modules/saml/src/Auth/Source/SP.php: call to SimpleSAML\Module\saml\Auth\Source\SP::handleUnsolicitedAuth()
  • line 1186 of /auth/saml2/vendor/simplesamlphp/simplesamlphp/modules/saml/src/Auth/Source/SP.php: call to SimpleSAML\Module\saml\Auth\Source\SP::onProcessingCompleted()
  • line ? of unknownfile: call to SimpleSAML\Module\saml\Auth\Source\SP->handleResponse()
  • line 68 of /auth/saml2/vendor/simplesamlphp/simplesamlphp/src/SimpleSAML/HTTP/RunnableResponse.php: call to call_user_func_array()
  • line 38 of /auth/saml2/sp/saml2-acs.php: call to SimpleSAML\HTTP\RunnableResponse->sendContent()
Note that a manual account with USERNAME and USERNAME@DOMAIN as e-mail already exists. 
 
Edit: Changed the 'auth' of the user in the mdl_user from "manual" to "saml2" - things have changed to the better. Testing..
Gemiddelde van de beoordelingen:  -

Moodle in English -> Authentication -> email-based self-registration with admin confirmation - migrating off? -> email-based self-registration with admin confirmation - migrating off?

door Visvanath Ratnaweera -
Foto van Particularly helpful Moodlers Foto van Translators
Could you solve your problem. My _guess_ is that simply change the 'auth' field of the mdl_user table from "emailadmin" to "manual" and you are done.
 
Initially you can keep the emailadmin plug-in as it is until everything works, then deactivate it and finally delete, when you are satisfied.
Gemiddelde van de beoordelingen:  -